Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/d60ThBgpQgAjh3_LgxRzYUaoJl4.roa
File: d60ThBgpQgAjh3_LgxRzYUaoJl4.roa (raw, json)
Hash identifier: l1t2VTKdtldgv38vXRYKXC6UzAKL07cSSjOoCOYWqaY=
Subject key identifier: 77:AD:13:84:18:29:42:00:23:87:7F:CB:83:14:73:61:46:A8:26:5E
Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial: 0196A75DE4DB4235E10F5B10BFBA7C10803C
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/d60ThBgpQgAjh3_LgxRzYUaoJl4.roa
Signing time: Tue 06 May 2025 20:51:10 +0000
ROA not before: Tue 06 May 2025 20:51:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.66.135.0/24 maxlen: 24
45.82.165.0/24 maxlen: 24
45.134.18.0/24 maxlen: 24
45.144.242.0/24 maxlen: 24
45.144.243.0/24 maxlen: 24
81.90.190.0/24 maxlen: 24
91.220.202.0/24 maxlen: 24
91.220.203.0/24 maxlen: 24
185.120.17.0/24 maxlen: 24
185.126.137.0/24 maxlen: 24
185.126.227.0/24 maxlen: 24
185.172.114.0/24 maxlen: 24
188.119.102.0/24 maxlen: 24
192.54.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a7:5d:e4:db:42:35:e1:0f:5b:10:bf:ba:7c:10:80:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Validity
Not Before: May 6 20:51:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77ad13841829420023877fcb8314736146a8265e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4a:24:69:e2:0c:31:2b:b7:23:eb:19:af:be:
b3:68:15:3c:50:db:86:2f:89:45:67:03:d8:ba:57:
06:71:10:04:00:38:3c:bd:ac:87:4e:53:8d:ef:10:
e9:44:af:d8:73:c3:f6:d9:7b:3b:3a:92:56:4b:62:
86:b9:ba:7f:91:95:1a:d9:41:63:e1:5e:43:8b:fe:
4a:2b:2a:4f:e0:46:f7:d5:d5:1d:e2:b2:b4:08:81:
83:a7:69:1f:9e:8d:8c:33:d9:02:f0:d3:7f:f7:25:
9e:47:54:50:a2:8b:62:c6:3a:d0:e2:97:a2:17:8f:
cc:d7:2a:0b:1e:71:9b:13:79:bb:16:e5:b1:e5:85:
3f:90:e0:eb:71:af:7c:a9:89:27:50:0d:1b:bf:df:
a2:dc:4c:09:f4:bc:62:32:17:3b:32:01:92:0b:65:
0b:7b:05:a4:f5:7a:da:e5:ad:db:57:43:55:60:b6:
32:84:69:ff:3c:36:6a:45:d5:7b:db:bc:46:a0:3a:
28:d6:2b:ce:31:dc:74:2c:3e:24:52:57:41:f7:45:
fc:ca:67:4b:22:fc:2d:c1:6d:ee:10:07:0f:5e:88:
5c:35:b0:48:ff:8a:c2:db:69:c0:88:53:a4:3d:4d:
ad:06:ce:85:b4:df:e4:23:df:f8:49:46:0e:c0:02:
f4:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:AD:13:84:18:29:42:00:23:87:7F:CB:83:14:73:61:46:A8:26:5E
X509v3 Authority Key Identifier:
keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/d60ThBgpQgAjh3_LgxRzYUaoJl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.135.0/24
45.82.165.0/24
45.134.18.0/24
45.144.242.0/23
81.90.190.0/24
91.220.202.0/23
185.120.17.0/24
185.126.137.0/24
185.126.227.0/24
185.172.114.0/24
188.119.102.0/24
192.54.56.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:c5:f1:c2:14:e0:7d:5e:c1:dd:a1:82:f5:e6:89:d9:6c:61:
48:20:7d:06:47:24:54:4f:e5:c2:f5:d9:b8:48:0f:5e:34:66:
22:4a:7a:1a:a0:ff:cc:d6:10:1c:bb:5d:5e:c0:4e:c1:ae:2c:
b5:ef:b4:04:d6:11:af:9f:98:fa:74:42:58:32:8d:6c:3d:1c:
f5:ae:2d:56:21:b7:a4:d3:0d:f1:14:f6:4f:7b:d3:8c:ec:33:
38:37:fb:f6:2c:81:ec:f3:b6:96:8a:9e:64:eb:3d:bb:2b:88:
b4:61:33:ad:90:87:31:00:a9:09:9b:d9:d3:df:ea:da:45:f8:
f4:10:5b:80:f0:d3:05:20:62:42:43:cc:b7:d8:f4:00:63:d2:
b1:9b:92:46:ce:09:e7:83:5a:bb:e2:dc:f0:d5:9e:a8:d2:5b:
29:b7:83:04:0e:38:6f:2b:cf:cc:3a:cd:06:da:12:a7:48:4a:
3e:c1:07:f5:2e:6b:ac:b4:e6:10:66:50:4a:0c:52:de:14:d0:
5f:76:ab:5b:4b:b1:c7:b1:c5:44:56:87:35:3a:56:9d:d1:86:
52:37:12:7f:90:d0:9b:1f:db:70:a8:f1:36:de:8c:10:8d:e9:
3e:a9:d2:01:3b:6a:a7:5e:17:f9:54:01:f5:a4:80:a6:15:d0:
a0:a6:ac:45
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZanXeTbQjXhD1sQv7p8EIA8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjUwNTA2MjA1MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2FkMTM4NDE4Mjk0MjAwMjM4NzdmY2I4MzE0NzM2MTQ2YTgyNjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkokaeIMMSu3I+sZr76zaBU8UNuG
L4lFZwPYulcGcRAEADg8vayHTlON7xDpRK/Yc8P22Xs7OpJWS2KGubp/kZUa2UFj
4V5Di/5KKypP4Eb31dUd4rK0CIGDp2kfno2MM9kC8NN/9yWeR1RQootixjrQ4pei
F4/M1yoLHnGbE3m7FuWx5YU/kODrca98qYknUA0bv9+i3EwJ9LxiMhc7MgGSC2UL
ewWk9Xra5a3bV0NVYLYyhGn/PDZqRdV727xGoDoo1ivOMdx0LD4kUldB90X8ymdL
IvwtwW3uEAcPXohcNbBI/4rC22nAiFOkPU2tBs6FtN/kI9/4SUYOwAL06QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFHetE4QYKUIAI4d/y4MUc2FGqCZeMB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvZDYwVGhCZ3BRZ0FqaDNfTGd4UnpZVWFvSmw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw
LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALUKHAwQA
LVKlAwQALYYSAwQBLZDyAwQAUVq+AwQBW9zKAwQAuXgRAwQAuX6JAwQAuX7jAwQA
uaxyAwQAvHdmAwQAwDY4MA0GCSqGSIb3DQEBCwUAA4IBAQBdxfHCFOB9XsHdoYL1
5onZbGFIIH0GRyRUT+XC9dm4SA9eNGYiSnoaoP/M1hAcu11ewE7Briy177QE1hGv
n5j6dEJYMo1sPRz1ri1WIbek0w3xFPZPe9OM7DM4N/v2LIHs87aWip5k6z27K4i0
YTOtkIcxAKkJm9nT3+raRfj0EFuA8NMFIGJCQ8y32PQAY9Kxm5JGzgnng1q74tzw
1Z6o0lspt4MEDjhvK8/MOs0G2hKnSEo+wQf1LmustOYQZlBKDFLeFNBfdqtbS7HH
scVEVoc1Olad0YZSNxJ/kNCbH9twqPE23owQjek+qdIBO2qnXhf5VAH1pICmFdCg
pqxF
-----END CERTIFICATE-----
Generated at Sat May 10 14:53:44 2025 by rpki-client